Operation Payback directs DDoS attack at AFACT

Thousands of bystanders taken out.

Anonymous attackers using the 4chan message board have levelled a sustained DDoS (distributed denial of service attack) against the Australian Federation Against Copyright Theft (AFACT) website, taking out thousands of other Australian websites in the process.

The attack, which was scheduled to begin at 5am AEST today, took the site down at 8:30am for several hours before AFACT and its technology partners took measures to restore service.

Neil Gane, executive director at AFACT, confirmed the site was inaccessible for several hours.

Gane said the attack - which constitutes a criminal act in Australia and several international jurisdictions - also took out close to 8,000 other web sites hosted by AFACT's technology partner, whom iTnews understands to be NetRegistry.

The company said an attack began at 8:30am AEST this morning, with NetRegistry's firewall flooded with connection requests in what the company claimed was an attempt to take down all of its servers.

"They had achieved success in disabling all access to some of the client facing services behind the firewall, however this was short lived and we were able to restore most connectivity to those machines within some 30 minutes," the company said.

Impacted services included websites using NetRegistry's 'Zeus' cluster - a group of websites using PHP but not utilising Apache web server - plus some webmail services and website administration consoles.

"A lot of these sites are small Australian businesses and Government web sites," Gane said. "They have been affected by this senseless act."

Organisers of the attack have now distributed the details of five IP addresses used by AFACT, asking attackers to use the message "PAYBACK IS A BITCH" as they flooded the site.

"Target will be: afact.org.au," read instructions on a web site aiming to corral attackers.

The group claims the attacks are a retaliation against efforts to take down file sharing sites such as The Pirate Bay.

"Anonymous is sick and tired of these corporations seeking to control the internet in their pursuit of profit," the group wrote in an explanatory letter prior to the attacks. "Anonymous cannot sit by and do nothing while these organisations stifle the spread of ideas and attack those who wish to exercise their rights to share with others."

The group claims individuals taking part in the attack are unlikely to be caught.

"Chances are next to zero because we are so many doing it. You can simply deny knowing what they are talking about, or saying you have been infected by a virus (botnet). However, if you try to do this alone chances are MUCH higher that you get caught."

But Gane said he understands that there "are ways of collating IP addresses" to identify the attackers.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.